package cn.xinyangtong.sso.controller;

import cn.xinyangtong.common.util.RequestUtil;
import cn.xinyangtong.pojo.TbUser;
import cn.xinyangtong.sso.service.SessionProvider;
import cn.xinyangtong.sso.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.DigestUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.awt.*;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Random;

/**
 * Created by fengbo on 2017/8/1.
 */
@Controller
public class LoginController {

    @Autowired
    private UserService userService;
    @Autowired
    private SessionProvider sessionProvider;

    /**
     * 去登录页面
     */
    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String login(String returnUrl, Model model) {
        model.addAttribute("returnUrl", returnUrl);
        return "login";
    }

    /***
     * 登录
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public String login(String username, String password, String returnUrl,
                        HttpServletRequest request, HttpServletResponse response, Model model) {
        if (StringUtils.isEmpty(username)) {
            model.addAttribute("error", "用户名不能为空！");
        } else if (StringUtils.isEmpty(password)) {
            model.addAttribute("error", "密码不能为空！");
        } else {
            TbUser user = userService.selectUserByUserNameAndPassword(
                    username, DigestUtils.md5DigestAsHex(password.getBytes()));
            if (user == null) {
                model.addAttribute("error", "用户名或者密码错误！");
            } else {
                //获取csessionId
                String csessionId = RequestUtil.getCSessionId(request, response);
                //保存用户名到session中
                sessionProvider.setAttribute(csessionId, username);
                if (StringUtils.isEmpty(returnUrl)) {
                    return "redirect:https://www.baidu.com";
                }
                return "redirect:" + returnUrl;
            }
        }
        return "login";
    }

    /***
     * 判断用户是否登陆
     * jsonp跨域
     */
    @RequestMapping("isLogin")
    @ResponseBody
    public String isLogin(String callback, HttpServletRequest request, HttpServletResponse response) {
        int result = 0;
        String username = sessionProvider.getAttribute(RequestUtil.getCSessionId(request, response));
        if (!StringUtils.isEmpty(username)) {
            result = 1;
        }
        return callback + "(" +result;
    }

}
